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DETAILED ACTION 

A- Summary of Prosection: 

1. Claims 1-15 were submitted for examination and rejected under 35 U.S.C. 102 and 103. 

2. Claims 8-10 and 15 were amended. Arguments were presented regarding Applicant's 
interpretation of claim language relative to Examiner's rejections. Examiner allowed Applicant's 
claims. 

3 . Withdraw of Allowance. 

4. Claims 1-15 have been further examined and stand rejected. New art is asserted herein. 

Allowable Subject Matter 

5. Applicant is advised that the Notice of Allowance mailed July 19, 1999 is vacated. If the 
issue fee has already been paid, applicant may request a refund or request that the fee be credited 
to a deposit account. However, applicant may wait until the application is either found allowable 
or held abandoned. If allowed, upon receipt of a new Notice of Allowance, applicant may request 
that the previously submitted issue fee be applied. If abandoned, applicant may request refund or 
credit to a Deposit Account. 

6. Prosecution on the merits of this application is reopened on claims 1-15 considered 
unpatentable for the reasons indicated herein. 
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7. The indicated allowability of claims 1-15 is withdrawn in view of the newly discovered 
reference(s) provided within the new formal rejection. Rejections based on the newly cited 
reference(s) follow. 

B. Objections to the Specification and Claims: 

Specification 

8. The title of the invention is not descriptive. A new title is required that is clearly indicative 
of the invention to which the claims are directed. Specifically, the title is currently directed to a 
family of devices. 

Drawings 

9. The drawings are objected to under 37 CFR 1.83(a). The drawings must show every 
feature of the invention specified in the claims. Therefore, the "storing a first assignment of a first 
member of a community to a first manager position in the community; storing a second 
assignment of a second member of the community to a second manager position in the 
community, storing a third assignment of the first manger position to the second manager 
position, excluding access privileges, providing a portion of the access privileges of the second 
manager, and in general all limitations directed to manager to manager privilege setting must be 
shown or the features cancelled from the claim. Further, Applicant has not depicted the 
"automatically providing ... access privileges" No new matter should be entered. 
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C. Claim Interpretation and Definitions 

Preamble of the Claims 

1 0. The preamble of the claims presented for examination have not been given patentable 
weight. Appropriate weight is given to limitations recited in the body of the claim that are needed 
for the purpose of antecedence. "A mere statement of purpose or intended use in the preamble of 
a claim need not be considered in finding anticipation; however, it must be considered if the 
language of a preamble is necessary to give meaning to the claim" Diversitech Corp. v. Century 
Steps, Inc., 7 USPQ2d 1315 (Fed Cir. 1988); In re Stencel, 4 USPQ2d 1071 (Fed, Or. 1987) 

Claim Interpretation 

1 1. Examiner has given the broadest reasonable interpretation to the Applicant's claim 
language. As such, Examiner is providing a number of terms as defined in the art and used to 
interpret Applicant's claim language. Examiner is interpreting the following terms in light of the 
Applicant's specification and the well known definitions of the prior art teachings. An Applicant 
can be her own lexicographer. While applicant may be his or her own lexicographer, a term in a 
claim may not be given a meaning repugnant to the usual meaning of that term, In re Hill, 161 
F.2d 367, 73 USPQ 482 (CCPA 1947). Examiner has used Applicant's definitions and those 
which are well know and accepted meanings in the art to provide a basis for the relevance of 
specific rejected limitations in view of prior art know made of record. 
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12. Examiner has also interpreted the claim language of claims 1-6 as if they properly recited a 
computer implemented method so that the claims would past muster with under U.S.C. 35 101 as 
having industrial applicability and finding itself in the useful arts. Further, the specification has 
been viewed to provide the basis for nothing more than a computer system that implements an 
access privilege method. This does not go to enablement of Applicant's invention, only that the 
method is computer implemented. 

13. Examiner has further interpreted the claim language of claims 7-15 as if they had a 
statutory basis. This required reading into the claims whatever might be supported from the 
specification and ignoring the obtuse nature of the claims so that the claims might be rejected. 
However, Applicant is reminded that although the claims are interpreted in light of the 
specification, limitations from the specification are not read into the claims. /// re Van Gitens, 988 
F.2d 1 181, 26 USPQ2d 1057 (Fed. Cir. 1993). 

Definitions 

Community : May be business, organization, association or any other type of grouping having a 
plurality of members. Applicant f s specification. 

Member : Members may be persons, animals, objects or any other type of item of a community. 
Applicant \s specification. 
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Relationship: The state of being related or interrelated. The relation connecting or binding 
participants in a relationship. A state of affairs existing between those having relations or dealings. 
An association of information and/or data. Webster 's Collegiate Dictionary, J Oth ed. 

Assignment: The act of being assigned. A position, post , or office to which one is assigned. A 
special task or amount of work assigned or undertaken as if assigned by authority. Transfer of 
property. Webster 's Collegiate Dictionary, J Oth ed. 

Access Privileg es: Access privileges may be automatically granted base on the relationship when 
a relationship table is interrogated by an application that may activate an assignment. The 
assignment is approved then activated. The relationship and assignment provide the basis for the 
access level or privilege level. Limited access privileges may be a subset of access privileges of the 
administrative manager. Privileges may be varied for administrative and/or work assignment 
managers. Privileges, relationships and assignments are stored. Applicant 's specification 

Manager : A person responsible for the actions of a member within a group. Mangers may have 
disparate access privileges based on their position to access member information. Managers can 
change their position in the organization(s). Access privileges can also change. Mangers have 
various levels of access to member information based on their position in an organization(s). 
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Manger is a user with different levels of access than other users. Applicant 's specification, Well 
Known in the Art. 

Disparate access privileges: Different relationships may provide the managers with disparate 
access privileges to records of members reporting to mangers. In a community a member may be 
administratively assigned to a position of an organization A and be work assigned to an additional 
position of another organization B. The member is reporting to two different manages in two 
different organizations. Manager A has administrative responsibility for the member, while 
Manager B has work assignment responsibility. Manager A has a higher level of access to the 
member's information than the access level afforded Manager B. A manger is a user of the system 
with specific access privileges. Applicant *s specification, Well Known in the Art. 

D. SUMMARY OF THE INVENTION 

Applicant's present invention pertains to access privileges within a distributed data base 
system. Specifically, the claims are directed to associating or relating users and managers with 
specified group, member and/or user access privileges. The privilege levels of users, members, 
groups or manager users can be changed. A manager user can be afforded access rights a one 
level to one set of data and also be afforded different access rights to a second set of data. Users 
can be afforded different access levels to different data within different or the same system. In 
general Applicants are merely attempting to claim setting access privileges based on a business 
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organizational chart. Applicants have vialed the standard multilevel group, membership and user 
access privilege system in the cloak of business method. This is merely setting labels to specific 
users. A manger is a user with different levels of access relative to others in the organization. 
There can be afforded no patentable weight when the distinction is merely a label or specific use 
for a well known method, system, apparatus or processes. 

Applicant is reminded that a recitation of the intended use of the claimed invention must 
result in a structural difference between the claimed invention and the prior art in order to 
patentably distinguish the claimed invention from the prior art. If the prior art structure is capable 
of performing the intended use, then it meets the claim. In a claim drawn to a process of making, 
the intended use must result in a manipulative difference as compared to the prior art. /// re 
Casey, 152 USPQ 235 (CCPA 1967); /// re Otto, 136 USPQ 458, 459 (CCPA 1963). The 
components and their operations, as taught within the prior art teachings are functional 
equivalents, identical in operation and provide inherent operations that have an inevitable 
presence and are well known in the art. In re Bond, 15 USPQ2d 1566 (Fed. Cir. 1990), In re 
Robertson, 49 USPQ2d 1949 (Fed. Or. 1999) 
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E. CLAIM REJECTIONS UNDER 35 U.S.C. § 101 and 35 U.S.C. § 112 



Claim Rejections - 35 U.S.C. § 101 



14. The following is a quotation from 35 U.S. C § 101 which reads as follows: 



Whoever invents or discovers any new and useful process, machine, 



manufacture, or composition of matter, or any new and useful improvement thereof. 



may obtain a patent therefor, subject to the conditions and requirements of this title. 



Claims 7-15 are rejected under 35 U.S.C. § 101 as non-statutory subject matter The 
invention(s) as disclosed in claims 7 and 13 are directed to non-statutory subject matter. While 
the claims are in the technological arts, they are not limited to practical applications in the 
technological arts. 

Specifically, the claims are a series of steps to be performed, without a mention of a 
computer, but they disclose ideas disclosed abstractly from any particular practical application. 
Specifically, claim 7 merely recites: storing a first assignment of a first member of a community 
to a first manger position in the community; storing a second assignment of a second member of 
the community to a second manger position in the community and storing a third assignment of 
the first manager position to the second manager position. This is nothing more than storing 
data relationships between information in something. As to claim 13, merely recites: a plurality of 
allowed types of assignments of members of a community to positions in the community; a 
record of assignments of members of the community to positions in the comm unity and disparate 
access privileges to records of a member for at least two of the allowed types of assignments. 
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This is nothing more than data in a record or at best a relationship of data points with 
values. Applicants have not taught a pre or post operation, transformations nor provide any 
useful outcome, merely an abstraction of data stored in some unknown manner. 

To Constitutionally interpret the word "process", the Supreme Court has held that: 

"*** A process is a mode of treatment of certain materials to produce a given result. It is an act, 
or a series of acts, performed upon the subject matter to be transformed and reduced to a different 
state or thing. *** The process requires that certain things should be done with certain 
substances, and in a certain order, but the tools to be used in doing this may be of secondary' 
consequence." (emphasis added) Diamond, Commissioner of Patents and Trademarks v. Diehr 
and baton, 209 USPQ 1, 6 (1981) quoting Cochrane v. Deener, 94 U.S. 780, 787-788 (1876). 

This Constitutional interpretation of the word "process" is a long-standing one that the 
Supreme Court requires to be applied in interpreting 35 U.S.C 101. Diamond v. Diehr at 6. 
Consequently, the use of that interpretation is Constitutionally required when we interpret the 
Federal Circuit's standard that a"new and useful process" is one that produces a "useful, concrete, 
and tangible result". See, State Street Bank & Trust Co. v. Signature Financial Group, Inc., 47 
USPQ2d 1596, 1600-1601 (Fed. Cir 1998). 

In short, the invention cannot be a "new and useful process" if it is not a Constitutional 
"process" in the first place — regardless of how "useful, concrete, and tangible" one might argue it 
to be. The claimed invention is not patentable subject matter. 
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Applicant discloses no specific computer-readable medium, no manipulation of specific 
data representing physical objects or activities (pre-computer activity), nor does she disclose any 
specific independent physical acts being performed by the invention (post-computer activity). 

The claims merely manipulate abstract ideas in general without limitation to a practical 
application. An organizational chart stored in a filing cabinet could be read on Applicant's instant 
claims. Applicant's steps are so disembodied from any process that the Examiner has further 
attempted to determine if they could be statutory by looking at the claims through the standards 
defined Alappat-Warmerdam-State Street- AT&T series of cases. Unfortunately, Applicant's 
claims again fail the test. 

Both Alappat and State Street involved determinations of whether particular apparatus 
claims were statutory. AT&T and Warmerdam involved the issues of whether particular method 
claims were statutory. The analyses in AT&T and Warmerdam are relevant and applicable to the 
present case because the Federal Circuit has made clear that: 

"Whether stated implicitly or explicitly, we consider the scope of section 101 to be 
the same regardless of the form — machine or process — in which a particular 
claim is drafted. *** (...whether the invention is a process or a machine is 
irrelevant. The language of the Patent Act itself, as well as Supreme Court Rulings, 
clarifies that Alappat's invention fits comfortably within 35 U.S.C. Section 101 
whether viewed as a process or a machine. AT&T Corp. v. Excel 
Communications, Inc., 50 USPQ2d 1447, 145 l(Fed. Cir. 1999) (emphasis added). 

Clearly, the analyses in Warmerdam and AT&T are just as applicable to this case as the 
analyses in Alappat and State Street. Additionally, The Federal Circuit is clearly looking to and 
seeking consistency with the Patent Act and Supreme Court stare decisis. 
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Examiner readily finds the uses found by the Federal Circuit in Alappat (the "rasterizer" 
apparatus) and State Street (the transformation of "discrete dollar values"). Regarding the 
present case, Examiner seeks a similar use to test for concreteness and tangibility. 

Following the analytical structure found in both cases, Examiner looks beyond the 
"apparatus" recital in the claims to find the core use of the mathematics involved. Examiner finds 
no use in the claims. Thought the specification alludes to a readily discernable use, it has not been 
expressed in the claims. Abstract data is only stored, not transformed, in the instant claimed 
invention. 

Since the Warmerdam standards are just as applicable to apparatus or system claims as 
they are to process claims, Examiner looks to the rule that the act of "taking several abstract ideas 
and manipulating them together adds nothing to the basic equation." AT&T v. Excel at 1453 
quoting In re Warmerdam, 33 F.3d 1354, 1360 (Fed. Cir. 1994). 

The Examiner must treat each claim as a whole. The mere fact that a hardware element is 
recited in a claim does not necessarily limit the claim to a specific machine or manufacture, cf. In 
re Iwahashi, 888 F.2d 1370, 1374-75, 12 USPQ2d 1908, 191 1-12 (Fed. Cir. 1989), cited with 
approval in Alappat, 33 F.3d at 1544 n.24, 31 USPQ2d at 1558 n.24. Applicant has stopped short 
of claiming any computer implementation, functional or operational limitations that would breath 
a modicum of statutory life into the claims. Claims 8-12 and 14-15 inherit this defect. 
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Claim Rejections - 35 ILS.C. § 112 



15. 



The following is a quotation of the first paragraph of 35 U.S. C § 112: 



The specification shall contain a written description of the invention, and of the manner 
and process of making and using it, in such full, clear, concise, and exact terms as to 
enable any person skilled in the art to which it pertains, or with which it is most nearly 
connected, to make and use the same and shall set forth the best mode contemplated by 
the inventor of carrying out his invention. 



16. Claims 1-6 are rejected under 35 U.S.C § 1 12, first paragraph, as containing subject 
matter which was not described in the specification in such a way as to enable one skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and/or use the 
invention. Specifically, Applicant has not enabled "automatically providing... access privileges", as 
recited throughout claim 1, within the teachings of the specification as filed. One of ordinary skill 
or the skilled artisan could not, with the teachings of Applicant's invention, reduce to practice this 
aspect without undue experimentation. Claims 2-6 inherit this defect. 

17. Claims 7-15 are rejected under 35 U.S.C. § 1 12, first paragraph. Specifically, since the 
claimed invention is not supported by either a concrete and tangible asserted utility or a well 
established utility for the reasons set forth above, one skilled in the art clearly would not know 
how to use the claimed invention. One of ordinary skill or the skilled artisan could not, with the 
teachings of Applicant's invention, reduce to practice the limitations as presently recited within 
Applicant's claims without undue experimentation. 



Application/Control Number: 
Art Unit: 2123 



Page 14 



1 8 The following is a quotation of the second paragraph of 35 U.S. C 1 12: 

The specification shall conclude nith one or more claims particularly pointing out and 
distinctly claiming the subject matter which the applicant regards as his invention. 

19. Claims 7-15 are rejected under 35 U.S.C 1 12, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. Specifically, the claim 7 recites a method of storing relationships, however never 
gets around to claiming any functional or operational relationships nor any means for storing such 
relationships. Claim 7, merely recites a list of stored assignment data relating information between 
mangers, members and a community in a disjunct manner. 

The language recited from claim 7: "storing a first assignment of a first member of a 
community to a first manger position in the community ; storing a second assignment of a second 
member of the community to a second manger position in the community and storing a third 
assignment of the first manager position to the second manager position" is indefinite and does 
not particularly point out and distinctly claim the Applicant's invention in a comprehendible 
fashion. 

Claim 13 recites a system for providing access privileges, however never gets around to 
claiming any functional or operational system for providing the access privileges, only a list of 
assignments are provided. The language recited from claim 13: "a plurality of allowed types of 
assignments of members of a community to positions in the community; a record of assignments 
of members of the community to positions in the community and disparate access privileges to 
records of a member for at least two of the allowed types of assignments'' 1 is indefinite and does 
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not particularly point out and distinctly claim the Applicant's invention in a comprehendible 
fashion. 

F. FORMAL PRIOR ART REJECTION(s) and RESPONSES 

Response to Arguments 
20. Applicant's arguments filed July 18, 1999 have been fully considered. This response has 
been necessitated by Applicant's amendments and arguments. Applicant's arguments regarding 
the prior art of record are simply not persuasive. The rejection based on Howell et al. et al. under 
35 U.S.C. 102 stands and expanded. The rejection based on Howell et al. in view of Meyer is 
withdrawn since Howell et al. et al. either inherently or expressly teaches Applicant's invention as 
claimed. 

Specific Response to Arguments and Amendments 
2 1 Howell et al. explicitly teaches the user having multiple and disparate access privileges to 
data within an organization. Further, these privileges are changeable based on affiliations with the 
data and access need within the organization. The users, affiliations and access privileges can be 
grouped. Storage of the users information with disparate access privileges affiliated with work 
objects or data within an organization(s) seems to be what Applicant has claimed inventive. At 
least this is what has been argued to date. 
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Claim 1, recites nothing more than providing a user with access to data based on stored 
affiliations with groupings for associated user privileges or access levels. This is nothing more 
than associating which data files a specific user has access privileges to, allowing this relationship 
to be reassigned and providing different levels of access to different data based on the associations 
between users and data. In simpler terms, a standard well known and off the shelf access privilege 
setting scheme that has been in existence for decades. Claim 7, is merely reciting storing of 
assignments of members with positions in a community. An organization chart stored in a 
computer is within the scope of this claim. Claim 13, is merely reciting a plurality of assignments 
of members in a communities with positions, recording these assignments and providing members 
with different levels of access privileges based on assignments and members. A access control 
system based on users positions within an organization relationship to allowed data is within the 
scope of this claim. 

Examiner believes that Applicants are most probably attempting to cover "user-role" or 
"role-based" access control for a distributed system, however have fallen far short of actually 
claiming such an invention. Again, these systems are well known and are herewith asserted as 
prior art teachings of such systems. 

In response to Applicant's argument that the references fail to show certain features of 
applicant's invention, it is noted that the features upon which applicant relies (i.e., assigning 
members of a community, one manager position may be assigned to another manger position) are 
not recited in the rejected claim(s). Although the claims are interpreted in light of the 
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specification, limitations from the specification are not read into the claims. /// re Van Guens, 988 
F.2d 1 181, 26 USPQ2d 1057 (Fed. Cir. 1993). 

Further, in response to Applicant's argument that the references fail to show certain 
features of applicant's invention, it is noted that the features upon which applicant relies for 
supporting the disparate access privileges limitation are not recited in the rejected claim(s). 
Although the claims are interpreted in light of the specification, limitations from the 
specification are not read into the claims. /// re Van Guens, 988 F.2d 1 181, 26 USPQ2d 1057 
(Fed. Cir. 1993). 

In response to Applicant's arguments, the recitation that a method of storing relationships 
between members of a community in a computer system, has not been given patentable weight 
because the recitation occurs in the preamble. A preamble is generally not accorded any 
patentable weight where it merely recites the purpose of a process or the intended use of a 
structure, and where the body of the claim does not depend on the preamble for completeness but, 
instead, the process steps or structural limitations are able to stand alone. /// re Hirao, 535 
F.2d 67, 190 USPQ 15 (CCPA 1976); Kropa v. Robie, 88 USPQ 478, 481 (CCPA 1951). 

Applicant failed to claim the operational and/or function differences for assigning, relating 
or setting disparate access privileges in such a manner that would distinguish Applicants' 
invention over the prior art teachings found within Howell et aL 

Furthermore, Applicants' arguments amount to a general allegation that the claims define 
a patentable invention without specifically pointing out how the language of the claims 
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patentably distinguishes them from the references. Applicants have responded by selective 
interpretation and selective viewing without providing a proper analysis as to the points of 
distinction. 

Applicant is solving the same problem with the same technology in the same manner as the 
prior art. There is not an inventive step when all that is claimed is that which is well known and 
inherent in the art. Applicant's invention and Howell et al. perform the same functions and 
operations with the same equipment. This teachings provides for different settings of access 
privileges for users, members and groups with affiliations between the user and the object or data. 

Applicant has not provided any effective argument as to any patentable distinction, 
improvement or unexpected result that might occur over the prior art teachings when Applicant's 
method of providing different access privileges to different users based on affiliations than that 
which are built into the Howell et al. teachings. Applicant appears to believe the novelty is within 
the ability of the system to store and change data relating to providing changeable access 
privileges to different users with varying levels of access. This is merely using the well known 
tool of the trade for its specific purpose. The courts have held that "A reference anticipates a 
claim if it discloses the claimed invention such that a skilled artisan could take its teachings in 
combination with his own knowledge of the particular art and be in possession of the invention ". 
/// re Graves, 36 USPQ2d 1697 (Fed. Or. 1995); In re Sase, 207 USPO 107 (CCPA 1980); In re 
Samour, 197 USPO 1 (CCPA 1978). 
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Claim Rejections - 35 U.S.C § 102 

22. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless — 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or 
on sale in this country, more than one year prior to the date of application for patent in the United States. 

(e) the invention was described in a patent granted on an application for patent by another filed in the United 
States before the invention thereof by the applicant for patent, or on an international application by another who 
has fulfilled the requirements of paragraphs (1), (2), and (4) of section 37 1(c) of this title before the invention 
thereof by the applicant for patent. 

23. Claims 1-15 are rejected under 35 U.S.C. § 102(b) as being clearly anticipated by Rabitti 
et al. or Baldwin or Demurjian et al. or Abraham et al.(903) or Howell et al. et af. and rejected 
under 35 U.S.C. § 102(e) as being clearly anticipated by Deinhart et al. or Barkley. 

Taking claim 1, for example, Rabitti et al. and Baldwin and Demurjian and Abraham et 
al.(903) and Deinhart et al. and Barkley and Howell et al. et al. disclose: 

Rabitti et al.: Abstract, sections entitled: Instruction, 2.2 Intuitive Overview of the Basic 
Authorization Concepts, 3 Implication Rules, Figures 7-9 with related text, 3.3 Authorization 
Objects, 3.3.2 Association of Authorization Types with Authorization Objects, 3.3.4 Rules for 
Computing Implicit Strong Authorizations, 4 Implicit Authorizations for Object-Oriented and 
Semantic Modeling Concepts, 5 Implementation Considerations, 5.1 Role Lattice, 5.2 , 5.2.2 
Access Strategies 
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Baldwin: Title, Abstract, Introduction, sections entitled: Groups Object Privileges and 
Individuals, page 1 19, Managing Changes to the Security Configuration, Aspects of security 
administration, page 120, pages 121-128 

Demurjian et a.: Title, Abstract, Figures 1-3, sections entitled: 1. Introduction and 

Motivation, 2.1 An Object-Oriented Design Model, 2.3 A User-Role Definition Hierarchy, 2.3 

Method Assignment, 3 The URDH and Application Analysis, pages 198-202. 
Abraham et al.(903): Title, Abstract, Figures 2-15, Summary of the Invention, Detailed 

Description of Preferred Embodiments, col. 9, lines 25 et seq., col. 19, lines 8 et seq. 
Deinhart et ah: Title: Method and System for Advanced Role-Based Access control in 

Distributed and Centralized Computer Systems, Abstract, Figures 1, 2A-2C, 3A-3B, 5, 6 and 7, 

Description of Prior Art, Summary of the Invention, col. 6, lines 65 et seq., col. 7, lines 16 et 

seq., col. 8, lines 53 et seq, col. 9, lines 38 et seq. 

Barkley: Title: Workflow Management Employing Role-Based Access Control, Abstract, 

Figure 1 (prior art) and 2, users 26, user ID 28, Subjects 20, roles 30, operations 32, 

Background of the Invention, Description of the Preferred Embodiments, col. 5, lines 55 et seq. 
Howell et al. et ah: Title, Abstract, Figures 2, 3, flow chart in figure 4, col. 2, lines 35 et seq., 

col. 4, lines 24 et seq., col. 5, lines 23 -55, col. 6, lines 17 et seq., allows for changes in user 

and group membership access within the organization. 

A method of providing access privileges to records of members of a community, 

comprising the steps of 
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storing an assignment of a member of a community to a first position in the 
community to generate a first relationship; 

automatically providing a manager of the first position with access privileges to 
records of the member basal on the first relationship; 

storing an additional assignment of the member to a second position in the community 
to generate a second relationship; and 

during pendency of the additional assignment, automatically providing a manager of 
the second position with disparate access privileges to records of the member based on the 
second relationship. 

As to claim 2, the method of Claim 1, wherein the manager of the second position has 
access privileges to records of the member is taught throughout Rabitti et al. and Baldwin and 
Demurjian and Abraham et al. (903) and Deinhart et al. and Barkley and Howell et al. et 
al. (Rabitti et al.: Abstract, sections entitled: Instruction, 2.2 Intuitive Overview of the Basic 
Authorization Concepts, 3 Implication Rules, Figures 7-9 with related text, 3.3 Authorization 
Objects, 3.3.2 Association of Authorization Types with Authorization Objects, 3.3.4 Rules for 
Computing Implicit Strong Authorizations, 4 Implicit Authorizations for Object-Oriented and 
Semantic Modeling Concepts, 5 Implementation Considerations, 5.1 Role Lattice, 5.2 , 5.2.2 
Access Strategies; Baldwin: Title, Abstract, Introduction, sections entitled: Groups Object 
Privileges and Individuals, page 1 19, Managing Changes to the Security Configuration, Aspects 



Application/Control Number: 
Art Unit: 2123 



Page 22 



of security administration, page 120, pages 121-128; Demurjian et a.: Title, Abstract, Figures 1- 
3, sections entitled: 1. Introduction and Motivation, 2.1 An Object-Oriented Design Model, 2.3 A 
User-Role Definition Hierarchy, 2.3 Method Assignment, 3 The URDH and Application Analysis, 
pages 198-202.; Abraham et al.(903): Title, Abstract, Figures 2-15, Summary of the Invention, 
Detailed Description of Preferred Embodiments, col. 9, lines 25 et seq., col. 19, lines 8 et seq.; 
Deinhart et aL: Title: Method and System for Advanced Role-Based Access control in 
Distributed and Centralized Computer Systems, Abstract, Figures 1, 2A-2C, 3A-3B, 5, 6 and 7, 
Description of Prior Art, Summary of the Invention, col. 6, lines 65 et seq., col. 7, lines 16 et seq., 
col. 8, lines 53 et seq, col. 9, lines 38 et seq.; Barkley: Title: Workflow Management Employing 
Role-Based Access Control, Abstract, Figure 1 (prior art) and 2, users 26, user ID 28, Subjects 
20, roles 30, operations 32, Background of the Invention, Description of the Preferred 
Embodiments, col. 5, lines 55 et seq.; Howell et al. et al.: Title, Abstract, Figures 2, 3, flow chart 
in figure 4, col. 2, lines 35 et seq., col. 4, lines 24 et seq., col. 5, lines 23 -55, col. 6, lines 17 et 
seq., allows for changes in user and group membership access within the organization.^ 

As to claim 3, the method of Claim 1, wherein the manager of the first position has access 
privileges to administrative records of the member denied to the manager of the second position is 
taught throughout Rabitti et al. and Baldwin and Demurjian and Abraham et al. (903) and 
Deinhart et al. and Barkley and Howell et al. et al. (Rabitti et al.: Abstract, sections entitled: 
Instruction, 2.2 Intuitive Overview of the Basic Authorization Concepts, 3 Implication Rules, 
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Figures 7-9 with related text, 3 .3 Authorization Objects, 3.3 .2 Association of Authorization 
Types with Authorization Objects, 3.3.4 Rules for Computing Implicit Strong Authorizations, 4 
Implicit Authorizations for Object-Oriented and Semantic Modeling Concepts, 5 Implementation 
Considerations, 5.1 Role Lattice, 5.2 , 5.2.2 Access Strategies; Baldwin: Title, Abstract, 
Introduction, sections entitled: Groups Object Privileges and Individuals, page 1 19, Managing 
Changes to the Security Configuration, Aspects of security administration, page 120, pages 121- 
128; Demurjian et a,: Title, Abstract, Figures 1-3, sections entitled: 1. Introduction and 
Motivation, 2,1 An Object-Oriented Design Model, 2.3 A User-Role Definition Hierarchy, 2.3 
Method Assignment, 3 The URDH and Application Analysis, pages 198-202.; Abraham et 
al.(903): Title, Abstract, Figures 2-15, Summary of the Invention, Detailed Description of 
Preferred Embodiments, col. 9, lines 25 et seq., col. 19, lines 8 et seq.; Deinhart et aL: Title: 
Method and System for Advanced Role-Based Access control in Distributed and Centralized 
Computer Systems, Abstract, Figures 1, 2A-2C, 3A-3B, 5, 6 and 7, Description of Prior Art, 
Summary of the Invention, col. 6, lines 65 et seq., col. 7, lines 16 et seq., col. 8, lines 53 et seq, 
col. 9, lines 38 et seq.; Barkley: Title: Workflow Management Employing Role-Based Access 
Control, Abstract, Figure 1 (prior art) and 2, users 26, user ID 28, Subjects 20, roles 30, 
operations 32, Background of the Invention, Description of the Preferred Embodiments, col. 5, 
lines 55 et seq.; Howell et al. et aL: Title, Abstract, Figures 2, 3, flow chart in figure 4, col. 2, 
lines 35 et seq., col. 4, lines 24 et seq., col. 5, lines 23 -55, col. 6, lines 17 et seq., allows for 
changes in user and group membership access within the organization.^ 
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As to claim 4, the method of Claim 1 , wherein the additional assignment comprises a tern 
work assignment is taught throughout Rabitti et al. and Baldwin and Demurjian and Abraham et 
al. (903) and Deinhart et al. and Barkley and Howell et al. et al. (Rabitti et ah: Abstract, sections 
entitled: Instruction, 2.2 Intuitive Overview of the Basic Authorization Concepts, 3 Implication 
Rules, Figures 7-9 with related text, 3.3 Authorization Objects, 3.3.2 Association of 
Authorization Types with Authorization Objects, 3.3.4 Rules for Computing Implicit Strong 
Authorizations, 4 Implicit Authorizations for Object-Oriented and Semantic Modeling Concepts, 
5 Implementation Considerations, 5.1 Role Lattice, 5.2 , 5.2.2 Access Strategies; Baldwin: Title, 
Abstract, Introduction, sections entitled: Groups Object Privileges and Individuals, page 1 19, 
Managing Changes to the Security Configuration, Aspects of security administration, page 120, 
pages 121-128; Demurjian et a.: Title, Abstract, Figures 1-3, sections entitled: 1. Introduction 
and Motivation, 2.1 An Object-Oriented Design Model, 2.3 A User-Role Definition Hierarchy, 
2.3 Method Assignment, 3 The URDH and Application Analysis, pages 198-202.; Abraham et 
al.(903): Title, Abstract, Figures 2-15, Summary of the Invention, Detailed Description of 
Preferred Embodiments, col. 9, lines 25 et seq., col. 19, lines 8 et seq.; Deinhart et ah: Title: 
Method and System for Advanced Role-Based Access control in Distributed and Centralized 
Computer Systems, Abstract, Figures 1, 2A-2C, 3A-3B, 5, 6 and 7, Description of Prior Art, 
Summary of the Invention, col. 6, lines 65 et seq., col. 7, lines 16 et seq., col. 8, lines 53 et seq, 
col. 9, lines 38 et seq.; Barkley: Title: Workflow Management Employing Role-Based Access 
Control, Abstract, Figure 1 (prior art) and 2, users 26, user ID 28, Subjects 20, roles 30, 
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operations 32, Background of the Invention, Description of the Preferred Embodiments, col. 5, 
lines 55 et seq.; Howell et al. et al.: Title, Abstract, Figures 2, 3, flow chart in figure 4, col. 2, 
lines 35 et seq., col. 4, lines 24 et seq., col. 5, lines 23 -55, col. 6, lines 17 et seq., allows for 
changes in user and group membership access within the organization.,) 

As to claim 5, the method of Claim 1, wherein the community comprises a business 
member comprises an employee of the business is taught throughout Rabitti et al. and Baldwin 
and Demurjian and Abraham et al. (903) and Deinhart et al. and Barkley and Caruso et al. (Rabitti 
et al.: Abstract, sections entitled: Instruction, 2.2 Intuitive Overview of the Basic Authorization 
Concepts, 3 Implication Rules, Figures 7-9 with related text, 3.3 Authorization Objects, 3.3.2 
Association of Authorization Types with Authorization Objects, 3 .3.4 Rules for Computing 
Implicit Strong Authorizations, 4 Implicit Authorizations for Object-Oriented and Semantic 
Modeling Concepts, 5 Implementation Considerations, 5.1 Role Lattice, 5.2 , 5.2.2 Access 
Strategies; Baldwin: Title, Abstract, Introduction, sections entitled: Groups Object Privileges and 
Individuals, page 1 19, Managing Changes to the Security Configuration, Aspects of security 
administration, page 120, pages 121-128; Demurjian et a,: Title, Abstract, Figures 1-3, sections 
entitled: 1. Introduction and Motivation, 2.1 An Object-Oriented Design Model, 2.3 A User-Role 
Definition Hierarchy, 2.3 Method Assignment, 3 The URDH and Application Analysis, pages 
198-202.; Abraham et al.(903): Title, Abstract, Figures 2-15, Summary of the Invention, 
Detailed Description of Preferred Embodiments, col. 9, lines 25 et seq., col. 19, lines 8 et seq.; 
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Deinhart et al.: Title: Method and System for Advanced Role-Based Access control in 
Distributed and Centralized Computer Systems, Abstract, Figures 1, 2A-2C, 3A-3B, 5, 6 and 7, 
Description of Prior Art, Summary of the Invention, col. 6, lines 65 et seq., col. 7, lines 16 et seq., 
col. 8, lines 53 et seq, col. 9, lines 38 et seq.; Barkley: Title; Workflow Management Employing 
Role-Based Access Control, Abstract, Figure 1 (prior art) and 2, users 26, user ID 28, Subjects 
20, roles 30, operations 32, Background of the Invention, Description of the Preferred 
Embodiments, col. 5, lines 55 et seq.; Howell et al. et ah: Title, Abstract, Figures 2, 3, flow chart 
in figure 4, col. 2, lines 35 et seq., col. 4, lines 24 et seq., col. 5, lines 23 -55, col. 6, lines 17 et 
seq., allows for changes in user and group membership access within the organization.,) 

As to claim 6, the method of Claim 1, wherein the records comprise personnel records of 
the member is taught throughout Rabitti et al. and Baldwin and Demurjian and Abraham et al. 
(903) and Deinhart et al. and Barkley and Howell et al. et al (Rabitti et al.: Abstract, sections 
entitled: Instruction, 2.2 Intuitive Overview of the Basic Authorization Concepts, 3 Implication 
Rules, Figures 7-9 with related text, 3.3 Authorization Objects, 3.3.2 Association of 
Authorization Types with Authorization Objects, 3.3.4 Rules for Computing Implicit Strong 
Authorizations, 4 Implicit Authorizations for Object-Oriented and Semantic Modeling Concepts, 
5 Implementation Considerations, 5.1 Role Lattice, 5.2 , 5.2.2 Access Strategies; Baldwin: Title, 
Abstract, Introduction, sections entitled: Groups Object Privileges and Individuals, page 1 19, 
Managing Changes to the Security Configuration, Aspects of security administration, page 120, 
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pages 121-128; Demurjian et a.: Title, Abstract, Figures 1-3, sections entitled: 1. Introduction 
and Motivation, 2. 1 An Object-Oriented Design Model, 2.3 A User-Role Definition Hierarchy, 
2.3 Method Assignment, 3 The URDH and Application Analysis, pages 198-202.; Abraham et 
al.(903): Title, Abstract, Figures 2-15, Summary of the Invention, Detailed Description of 
Preferred Embodiments, col. 9, lines 25 et seq., col. 19, lines 8 et seq.; Deinhart et ah: Title: 
Method and System for Advanced Role-Based Access control in Distributed and Centralized 
Computer Systems, Abstract, Figures 1, 2A-2C, 3A-3B, 5, 6 and 7, Description of Prior Art, 
Summary of the Invention, col. 6, lines 65 et seq., col. 7, lines 16 et seq., col. 8, lines 53 et seq, 
col. 9, lines 38 et seq.; Barkley: Title: Workflow Management Employing Role-Based Access 
Control, Abstract, Figure 1 (prior art) and 2, users 26, user ID 28, Subjects 20, roles 30, 
operations 32, Background of the Invention, Description of the Preferred Embodiments, col. 5, 
lines 55 et seq.; Howell et al. et ah: Title, Abstract, Figures 2, 3, flow chart in figure 4, col. 2, 
lines 35 et seq., col. 4, lines 24 et seq., col. 5, lines 23 -55, col. 6, lines 17 et seq., allows for 
changes in user and group membership access within the organization.^ 
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24. Taking claim 7, for example, Rabitti et al. and Baldwin and Demurjian and Abraham et 
al.(903) and Deinhart et al. and Barkley and Howell et al. et al. disclose: 

Rabitti et al.: Abstract, sections entitled: Instruction, 2.2 Intuitive Overview of the Basic 
Authorization Concepts, 3 Implication Rules, Figures 7-9 with related text, 3.3 Authorization 
Objects, 3.3.2 Association of Authorization Types with Authorization Objects, 3.3.4 Rules for 
Computing Implicit Strong Authorizations, 4 Implicit Authorizations for Object-Oriented and 
Semantic Modeling Concepts, 5 Implementation Considerations, 5.1 Role Lattice, 5.2 , 5.2.2 
Access Strategies 

Baldwin: Title, Abstract, Introduction, sections entitled: Groups Object Privileges and 
Individuals, page i 19, Managing Changes to the Security Configuration, Aspects of security 
administration, page 120, pages 121-128 

Demurjian et a.: Title, Abstract, Figures 1-3, sections entitled: 1. Introduction and 

Motivation, 2. 1 An Object-Oriented Design Model, 2.3 A User-Role Definition Hierarchy, 2.3 

Method Assignment, 3 The URDH and Application Analysis, pages 198-202. 
Abraham et al,(903): Title, Abstract, Figures 2-15, Summary of the Invention, Detailed 

Description of Preferred Embodiments, col. 9, lines 25 et seq., col. 19, lines 8 et seq. 
Deinhart et ah: Title: Method and System for Advanced Role-Based Access control in 

Distributed and Centralized Computer Systems, Abstract, Figures 1, 2A-2C, 3A-3B, 5, 6 and 7, 

Description of Prior Art, Summary of the Invention, col. 6, lines 65 et seq., col. 7, lines 16 et 

seq., col. 8, lines 53 et seq, col. 9, lines 38 et seq. 
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Barkley: Title: Workflow Management Employing Role-Based Access Control, Abstract, 

Figure 1 (prior art) and 2, users 26, user ID 28, Subjects 20, roles 30, operations 32, 

Background of the Invention, Description of the Preferred Embodiments, col. 5, lines 55 et seq. 
Howell et al. et aL: Title, Abstract, Figures 2, 3, flow chart in figure 4, col. 2, lines 35 et seq., 

col. 4, lines 24 et seq., col. 5, lines 23 -55, col. 6, lines 17 et seq., allows for changes in user 

and group membership access within the organization. 

A method of storing relationships between members of a community in a computer 

system, comprising the steps of: 

storing a first assignment of a first member of a community to a first manager position 

in the community; 

storing a second assignment of a second member of the community to a second 
manager position in the community; and 

storing a third assignment of the first manager position to the second manager 
position. 

As to claim 8, the method of Claim 7, further comprising the step of automatically 
providing the first manager position with at least a portion of the access privileges of the second 
manager position to records of members of the community reporting to the second manager 
position is taught throughout Rabitti et al. and Baldwin and Demurjian and Abraham et al. (903) 
and Deinhart et al. and Barkley and Howell et al. et al. (Rabitti et ah: Abstract, sections entitled: 
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Instruction, 2.2 Intuitive Overview of the Basic Authorization Concepts, 3 Implication Rules, 
Figures 7-9 with related text, 3.3 Authorization Objects, 3.3.2 Association of Authorization 
Types with Authorization Objects, 3.3.4 Rules for Computing Implicit Strong Authorizations, 4 
Implicit Authorizations for Object-Oriented and Semantic Modeling Concepts, 5 Implementation 
Considerations, 5.1 Role Lattice, 5.2 , 5.2.2 Access Strategies; Baldwin: Title, Abstract, 
Introduction, sections entitled: Groups Object Privileges and Individuals, page 119, Managing 
Changes to the Security Configuration, Aspects of security administration, page 120, pages 121- 
128; Demurjian et a.: Title, Abstract, Figures 1-3, sections entitled:!. Introduction and 
Motivation, 2. 1 An Object-Oriented Design Model, 2.3 A User-Role Definition Hierarchy, 2.3 
Method Assignment, 3 The URDH and Application Analysis, pages 198-202.; Abraham et 
al.(903): Title, Abstract, Figures 2-15, Summary of the Invention, Detailed Description of 
Preferred Embodiments, col. 9, lines 25 et seq., col. 19, lines 8 et seq.; Deinhart et al.: Title: 
Method and System for Advanced Role-Based Access control in Distributed and Centralized 
Computer Systems, Abstract, Figures 1, 2A-2C, 3A-3B, 5, 6 and 7, Description of Prior Art, 
Summary of the Invention, col. 6, lines 65 et seq., col. 7, lines 16 et seq., col. 8, lines 53 et seq, 
col. 9, lines 38 et seq.; Barkley: Title: Workflow Management Employing Role-Based Access 
Control, Abstract, Figure 1 (prior art) and 2, users 26, user ID 28, Subjects 20, roles 30, 
operations 32, Background of the Invention, Description of the Preferred Embodiments, col. 5, 
lines 55 et seq.; Howell et al. et al.: Title, Abstract, Figures 2, 3, flow chart in figure 4, col. 2, 
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lines 35 et seq., col. 4, lines 24 et seq., col. 5, lines 23 -55, col. 6, lines 17 et seq., allows for 
changes in user and group membership access within the organization.^ 

As to claim 9, the method of Claim 7, further comprising the step of automatically 
providing the first manager position with full access privileges of the second manager position to 
records of members of the community reporting to the second manager position is taught 
throughout Rabitti et al. and Baldwin and Demurjian and Abraham et al. (903) and Deinhart et al- 
and Barkley and Howell et al. et al. (Rabitti et al.: Abstract, sections entitled: Instruction, 2.2 
Intuitive Overview of the Basic Authorization Concepts, 3 Implication Rules, Figures 7-9 with 
related text, 3.3 Authorization Objects, 3.3.2 Association of Authorization Types with 
Authorization Objects, 3.3 .4 Rules for Computing Implicit Strong Authorizations, 4 Implicit 
Authorizations for Object-Oriented and Semantic Modeling Concepts, 5 Implementation 
Considerations, 5.1 Role Lattice, 5.2 , 5.2.2 Access Strategies; Baldwin: Title, Abstract, 
Introduction, sections entitled: Groups Object Privileges and Individuals, page 1 19, Managing 
Changes to the Security Configuration, Aspects of security administration, page 120, pages 121- 
128; Demurjian et a.: Title, Abstract, Figures 1-3, sections entitled: 1. Introduction and 
Motivation, 2.1 An Object-Oriented Design Model, 2.3 A User-Role Definition Hierarchy, 2.3 
Method Assignment, 3 The URDH and Application Analysis, pages 198-202.; Abraham et 
al.(903): Title, Abstract, Figures 2-15, Summary of the Invention, Detailed Description of 
Preferred Embodiments, col. 9, lines 25 et seq., col. 19, lines 8 et seq.; Deinhart et ah: Title: 
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Method and System for Advanced Role-Based Access control in Distributed and Centralized 
Computer Systems, Abstract, Figures 1, 2A-2C, 3A-3B, 5, 6 and 7, Description of Prior Art, 
Summary of the Invention, col. 6, lines 65 et seq., col. 7, lines 16 et seq., col. 8, lines 53 et seq, 
col. 9, lines 38 et seq.; Barkley: Title: Workflow Management Employing Role-Based Access 
Control, Abstract, Figure 1 (prior art) and 2, users 26, user ED 28, Subjects 20, roles 30, 
operations 32, Background of the Invention, Description of the Preferred Embodiments, col. 5, 
lines 55 et seq.; Howell et aL et ah: Title, Abstract, Figures 2, 3, flow chart in figure 4, col. 2, 
lines 35 et seq., col. 4, lines 24 et seq., col. 5, lines 23 -55, col. 6, lines 17 et seq., allows for 
changes in user and group membership access within the organization.^ 

As to claim 1 0, the method of Claim 8, wherein the access privileges provided to the first 
manager position exclude access privileges of the second manager position to administrative 
records of members of the community reporting to the second manager position is taught 
throughout Rabitti et al. and Baldwin and Demurjian and Abraham et al. (903) and Deinhart et al. 
and Barkley and Howell et al. et al.(Rabitti et al.: Abstract, sections entitled: Instruction, 2.2 
Intuitive Overview of the Basic Authorization Concepts, 3 Implication Rules, Figures 7-9 with 
related text, 3.3 Authorization Objects, 3.3.2 Association of Authorization Types with 
Authorization Objects, 3.3.4 Rules for Computing Implicit Strong Authorizations, 4 Implicit 
Authorizations for Object-Oriented and Semantic Modeling Concepts, 5 Implementation 
Considerations, 5.1 Role Lattice, 5.2 , 5.2.2 Access Strategies; Baldwin: Title, Abstract, 
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Introduction, sections entitled: Groups Object Privileges and Individuals, page 1 19, Managing 
Changes to the Security Configuration, Aspects of security administration, page 120, pages 121- 
128; Demurjian et a.: Title, Abstract, Figures 1-3, sections entitled:!. Introduction and 
Motivation, 2. 1 An Object-Oriented Design Model, 2.3 A User-Role Definition Hierarchy, 2.3 
Method Assignment, 3 The URDH and Application Analysis, pages 198-202.; Abraham et 
al.(903): Title, Abstract, Figures 2-15, Summary of the Invention, Detailed Description of 
Preferred Embodiments, col. 9, lines 25 et seq., col. 19, lines 8 et seq.; Deinhart et al.: Title: 
Method and System for Advanced Role-Based Access control in Distributed and Centralized 
Computer Systems, Abstract, Figures 1, 2A-2C, 3A-3B, 5, 6 and 7, Description of Prior Art, 
Summary of the Invention, col. 6, lines 65 et seq., col. 7, lines 16 et seq., col. 8, lines 53 et seq, 
col. 9, lines 38 et seq.; Barkley: Title: Workflow Management Employing Role-Based Access 
Control, Abstract, Figure 1 (prior art) and 2, users 26, user ID 28, Subjects 20, roles 30, 
operations 32, Background of the Invention, Description of the Preferred Embodiments, col. 5, 
lines 55 et seq.; Howell et al. et ah: Title, Abstract, Figures 2, 3, flow chart in figure 4, col. 2, 
lines 35 et seq., col. 4, lines 24 et seq., col. 5, lines 23 -55, col. 6, lines 17 et seq., allows for 
changes in user and group membership access within the organization.^ 

As to claim 1 1, the method of Claim 7, wherein the community comprises a business and 
the first and second members comprise employees of the business is taught throughout Rabitti et 
al. and Baldwin and Demurjian and Abraham et al. (903) and Deinhart et al. and Barkley and 
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Howell et al. et al (Rabitti et aL: Abstract, sections entitled: Instruction, 2.2 Intuitive Overview 
of the Basic Authorization Concepts, 3 Implication Rules, Figures 7-9 with related text, 3.3 
Authorization Objects, 3 .3.2 Association of Authorization Types with Authorization Objects, 
3.3.4 Rules for Computing Implicit Strong Authorizations, 4 Implicit Authorizations for Object- 
Oriented and Semantic Modeling Concepts, 5 Implementation Considerations, 5.1 Role Lattice, 
5.2 , 5.2.2 Access Strategies; Baldwin: Title, Abstract, Introduction, sections entitled: Groups 
Object Privileges and Individuals, page 1 19, Managing Changes to the Security Configuration, 
Aspects of security administration, page 120, pages 121-128; Demurjian et a.: Title, Abstract, 
Figures 1-3, sections entitled: 1. Introduction and Motivation, 2.1 An Object-Oriented Design 
Model, 2.3 A User-Role Definition Hierarchy, 2.3 Method Assignment, 3 The URDH and 
Application Analysis, pages 198-202.; Abraham et al.(903): Title, Abstract, Figures 2-15, 
Summary of the Invention, Detailed Description of Preferred Embodiments, col. 9, lines 25 et 
seq., col. 19, lines 8 et seq.; Deinhart et al.: Title: Method and System for Advanced Role-Based 
Access control in Distributed and Centralized Computer Systems, Abstract, Figures 1 , 2 A-2C, 
3 A-3B, 5, 6 and 7, Description of Prior Art, Summary of the Invention, col. 6, lines 65 et seq., 
col. 7, lines 16 et seq., col. 8, lines 53 et seq, col. 9, lines 38 et seq.; Barkley: Title: Workflow 
Management Employing Role-Based Access Control, Abstract, Figure 1 (prior art) and 2, users 
26, user ID 28, Subjects 20, roles 30, operations 32, Background of the Invention, Description of 
the Preferred Embodiments, col 5, lines 55 et seq.; Howell et aL et al.: Title, Abstract, Figures 2, 
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3, flow chart in figure 4, col. 2, lines 35 et seq., col. 4, lines 24 et seq., col. 5, lines 23 -55, col. 6, 
lines 17 et seq., allows for changes in user and group membership access within the organization J 

As to claim 12, the method of Claim 7, wherein the records comprise personnel records of 
the member is taught throughout Rabitti et al. and Baldwin and Demurjian and Abraham et al. 
(903) and Deinhart et al. and Barkley and Howell et al. et al. (Rabitti et al.: Abstract, sections 
entitled: Instruction, 2.2 Intuitive Overview of the Basic Authorization Concepts, 3 Implication 
Rules, Figures 7-9 with related text, 3.3 Authorization Objects, 3.3.2 Association of 
Authorization Types with Authorization Objects, 3.3/4 Rules for Computing Implicit Strong 
Authorizations, 4 Implicit Authorizations for Object-Oriented and Semantic Modeling Concepts, 
5 Implementation Considerations, 5.1 Role Lattice, 5.2 , 5.2.2 Access Strategies; Baldwin: Title, 
Abstract, Introduction, sections entitled: Groups Object Privileges and Individuals, page 1 19, 
Managing Changes to the Security Configuration, Aspects of security administration, page 120, 
pages 121-128; Demurjian et a.: Title, Abstract, Figures 1-3, sections entitled: 1. Introduction 
and Motivation, 2.1 An Object-Oriented Design Model, 2.3 A User-Role Definition Hierarchy, 
2.3 Method Assignment, 3 The URDH and Application Analysis, pages 198-202.; Abraham et 
al.(903): Title, Abstract, Figures 2-15, Summary of the Invention, Detailed Description of 
Preferred Embodiments, col. 9, lines 25 et seq., col. 19, lines 8 et seq.; Deinhart et ah: Title: 
Method and System for Advanced Role-Based Access control in Distributed and Centralized 
Computer Systems, Abstract, Figures 1, 2A-2C, 3A-3B, 5, 6 and 7, Description of Prior Art, 
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Summary of the Invention, col. 6, lines 65 et seq., col. 7, lines 16 et seq., col. 8, lines 53 et seq, 
col. 9, lines 38 et seq.; Barkley: Title. Workflow Management Employing Role-Based Access 
Control, Abstract, Figure 1 (prior art) and 2, users 26, user ID 28, Subjects 20, roles 30, 
operations 32, Background of the Invention, Description of the Preferred Embodiments, col. 5, 
lines 55 et seq.; Howell et al. et al.: Title, Abstract, Figures 2, 3, flow chart in figure 4, col. 2, 
lines 35 et seq., col. 4, lines 24 et seq., col. 5, lines 23 -55, col. 6, lines 17 et seq., allows for 
changes in user and group membership access within the organization.^ 

25. Taking claim 13, for example, Rabitti et al. and Baldwin and Demurjian and Abraham et 
al, (903) and Deinhart et al. and Barkley and Howell et al. et al. disclose: 

Rabitti et al.: Abstract, sections entitled: Instruction, 2.2 Intuitive Overview of the Basic 
Authorization Concepts, 3 Implication Rules, Figures 7-9 with related text, 3.3 Authorization 
Objects, 3.3.2 Association of Authorization Types with Authorization Objects, 3.3.4 Rules for 
Computing Implicit Strong Authorizations, 4 Implicit Authorizations for Object-Oriented and 
Semantic Modeling Concepts, 5 Implementation Considerations, 5.1 Role Lattice, 5.2 , 5.2.2 
Access Strategies 

Baldwin: Title, Abstract, Introduction, sections entitled: Groups Object Privileges and 
Individuals, page 1 1 9, Managing Changes to the Security Configuration, Aspects of security 
administration, page 120, pages 121-128 
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Demurjian et a.: Title, Abstract, Figures 1-3, sections entitled: 1. Introduction and Motivation, 

2. 1 An Object-Oriented Design Model, 2.3 A User-Role Definition Hierarchy, 2.3 Method 

Assignment, 3 The URDH and Application Analysis, pages 198-202. 

Abraham ef al.(903): Title, Abstract, Figures 2-15, Summary of the Invention, Detailed 

Description of Preferred Embodiments, col. 9, lines 25 et seq., col. 19, lines 8 et seq. 
Deinhart et al.: Title: Method and System for Advanced Role-Based Access control in 

Distributed and Centralized Computer Systems, Abstract, Figures 1, 2A-2C, 3A-3B, 5, 6 and 7, 

Description of Prior Art, Summary of the Invention, col. 6, lines 65 et seq., col. 7, lines 16 et 

seq., col. 8, lines 53 et seq, col. 9, lines 38 et seq. 

Barkley: Title: Workflow Management Employing Role-Based Access Control, Abstract, 

Figure 1 (prior art) and 2, users 26, user ID 28, Subjects 20, roles 30, operations 32, 

Background of the Invention, Description of the Preferred Embodiments, col. 5, lines 55 et seq. 
Howell et al. et al.: Title, Abstract, Figures 2, 3, flow chart in figure 4, col. 2, lines 35 et seq., 

col. 4, lines 24 et seq., col. 5, lines 23 -55, col. 6, lines 17 et seq., allows for changes in user 

and group membership access within the organization. 

A system for providing access privileges to records of members within a community, 

comprising: 

a plurality of allowed types of assignments of members of a community to positions in 
the community; 

a record of assignments of members of the community to positions in the community; 

and 
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disparate access privileges to records of a member for at least two of the allowed types 
of assignments. 

As to claim 14, the system of Claim 13, wherein the allowed assignments include 
assignments between positions in the community is taught throughout Rabitti et al. and Baldwin 
and Demurjian and Abraham et al. (903) and Deinhart et al. and Barkley and Howell et al. et 
al. (Rabitti et al.: Abstract, sections entitled: Instruction, 2.2 Intuitive Overview of the Basic 
Authorization Concepts, 3 Implication Rules, Figures 7-9 with related text, 3.3 Authorization 
Objects, 3.3.2 Association of Authorization Types with Authorization Objects, 3.3.4 Rules for 
Computing Implicit Strong Authorizations, 4 Implicit Authorizations for Object-Oriented and 
Semantic Modeling Concepts, 5 Implementation Considerations, 5.1 Role Lattice, 5.2 , 5.2.2 
Access Strategies; Baldwin: Title, Abstract, Introduction, sections entitled: Groups Object 
Privileges and Individuals, page 1 19, Managing Changes to the Security Configuration, Aspects 
of security administration, page 120, pages 121-128; Demurjian et a.: Title, Abstract, Figures 1- 
3, sections entitled: 1. Introduction and Motivation, 2. 1 An Object-Oriented Design Model, 2.3 A 
User-Role Definition Hierarchy, 2.3 Method Assignment, 3 The URDH and Application Analysis, 
pages 198-202.; Abraham et al.(903): Title, Abstract, Figures 2-15, Summary of the Invention, 
Detailed Description of Preferred Embodiments, col. 9, lines 25 et seq., col. 19, lines 8 et seq.; 
Deinhart et al.: Title: Method and System for Advanced Role-Based Access control in 
Distributed and Centralized Computer Systems, Abstract, Figures 1, 2A-2C, 3A-3B, 5, 6 and 7, 
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Description of Prior Art, Summary of the Invention, col. 6, lines 65 et seq., col. 7, lines 16 et seq., 
col. 8, lines 53 et seq, col. 9, lines 38 et seq.; Barkley: Title: Workflow Management Employing 
Role-Based Access Control, Abstract, Figure 1 (prior art) and 2, users 26, user ID 28, Subjects 
20, roles 30, operations 32, Background of the Invention, Description of the Preferred 
Embodiments, col. 5, lines 55 et seq.; Howell et al. et aL: Title, Abstract, Figures 2, 3, flow chart 
in figure 4, col. 2, lines 35 et seq., col. 4, lines 24 et seq., col. 5, lines 23 -55, col. 6, lines 17 et 
seq., allows for changes in user and group membership access within the organization.^ 

As to claim 15, the system of Claim 13, wherein a temporary assignment of a member to a 
position is associated with limited access privileges to records of the member is taught throughout 
Rabitti et al. and Baldwin and Demurjian and Abraham et al. (903) and Deinhart et al. and Barkley 
and Howell et al. et al. (Rabitti et al.: Abstract, sections entitled: Instruction, 2.2 Intuitive 
Overview of the Basic Authorization Concepts, 3 Implication Rules, Figures 7-9 with related text, 
3.3 Authorization Objects, 3.3.2 Association of Authorization Types with Authorization Objects, 
3.3.4 Rules for Computing Implicit Strong Authorizations, 4 Implicit Authorizations for Object- 
Oriented and Semantic Modeling Concepts, 5 Implementation Considerations, 5.1 Role Lattice, 
5.2 , 5.2.2 Access Strategies; Baldwin: Title, Abstract, Introduction, sections entitled: Groups 
Object Privileges and Individuals, page 119, Managing Changes to the Security Configuration, 
Aspects of security administration, page 120, pages 121-128; Demurjian et a.: Title, Abstract, 
Figures 1-3, sections entitled:!. Introduction and Motivation, 2.1 An Object-Oriented Design 
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Model, 2.3 A User-Role Definition Hierarchy, 2.3 Method Assignment, 3 The URDH and 
Application Analysis, pages 198-202.; Abraham et al.(903): Title, Abstract, Figures 2-15, 
Summary of the Invention, Detailed Description of Preferred Embodiments, col. 9, lines 25 et 
seq., col. 19, lines 8 et seq.; Deinhart et aL: Title: Method and System for Advanced Role-Based 
Access control in Distributed and Centralized Computer Systems, Abstract, Figures 1, 2A-2C, 
3A-3B, 5, 6 and 7, Description of Prior Art, Summary of the Invention, col. 6, lines 65 et seq., 
col. 7, lines 16 et seq., col. 8, lines 53 et seq, col. 9, lines 38 et seq.; Barkley: Title: Workflow 
Management Employing Role-Based Access Control, Abstract, Figure 1 (prior art) and 2, users 
26, user ID 28, Subjects 20, roles 30, operations 32, Background of the Invention, Description of 
the Preferred Embodiments, col. 5, lines 55 et seq.; Howell et ah et aL: Title, Abstract, Figures 2, 
3, flow chart in figure 4, col. 2, lines 35 et seq., col. 4, lines 24 et seq., col. 5, lines 23 -55, col. 6, 
lines 17 et seq., allows for changes in user and group membership access within the organization.,) 

Conclusion 

26. The prior art made of record and not relied upon is considered pertinent to Applicant's 
disclosure is listed on the attached PTO 892, careful consideration should be given prior to 
Applicant's response to this Office Action. 
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27. A shortened statutory period for response to this action is set to expire 3 (three) months 
and 0 (zero) days from the mail date of this action. Failure to respond within the period for 
response will result in ABANDONMENT of the application (see 35 U.S.C. 133, M.P.E.P. 
710.02, 710.02(b)). 

28. Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to William Thomson whose telephone number is (703) 305-0022. The 
examiner can be usually reached between 9:30 a.m. - 4:00 p.m. Monday thru Friday. Voice mail is 
checked throughout the day. Please leave a detailed message. 

If attempts to reach the Examiner by telephone are unsuccessful, the Examiner's 
supervisor, Mr. Kevin Teska, can be reached on 704-305-9704. The fax phone number for this 
Group is 703-308-1396. 

Any inquiry of a general nature or relating to the status of this application should be 
directed to the Group receptionist whose telephone number is 703 -3 05-39^^ 



William D. Thomson 




A.U. 2123 
October 31, 2000 



